3. Publishing Applications to Users
7. SGD Servers, Arrays, and Load Balancing
Replicating Data Across the Array
Communication Between Array Members
Secure Intra-Array Communication
Managing Arrays and SGD Servers
Examples of How Array Resilience Works
How to Enable Secure Intra-Array Communication
How to Add a Server to an Array (Secure Intra-Array Communication Enabled)
How to Add a Server to an Array (Secure Intra-Array Communication Disabled)
How to Change the Primary Server in an Array
How to Remove a Server From an Array
How to Change the Cipher Suite for Secure Intra-Array Communication
How to Enable Array Failover for an Array
How to Configure the Array Failover Grace Period
How to Show the Backup Primaries List for an Array
How to Add an Entry to the Backup Primaries List
How to Change the Position of an Entry in the Backup Primaries List
How to Delete an Entry From the Backup Primaries List
How to Configure the Find New Primary Timeout
How to Configure the Action When Failover Ends
How to Rebuild an Array Manually
Using The Load-Balancing JSP Technology Page to Distribute User Sessions
How to Configure the Load-Balancing JSP Technology Page to Distribute User Sessions
Using an External Mechanism to Distribute User Sessions
How to Configure the Load-Balancing JSP Technology Page for an External Load Balancing Mechanism
How to Configure the Load-Balancing JSP Technology Page for Use With My Desktop
Additional Load-Balancing JSP Technology Page Configuration
Application Session Load Balancing
Defining the Application Servers to Run the Application
Selecting the Load Balancing Method
How Application Load Balancing Works
Dynamic Application Servers and Load Balancing
Application Server Availability
The Relative Power of the Application Servers
Example Relative Power Calculation 1
Example Relative Power Calculation 2
The Application Server With the Least Load
Example Load Calculation Using Fewest Application Sessions
Example Load Calculation Using Least CPU Usage
Example Load Calculation Using Most Free Memory
How Advanced Load Management Works
Tuning Application Load Balancing
Application Server's Relative Power
Load Balancing Listening Ports
SGD Requests Updates From an Application Server
Frequency of the Load Calculation
Frequency of Updates to the Primary SGD Server
Reliability of CPU and Memory Data
Frequency of Updates to Array Members
Editing Application Load Balancing Properties
The Global Load Balancing Properties File
The Application Server Load Balancing Properties File
How to Create an Application Server Load Balancing Properties File
The Load Balancing Service Properties File
SGD Web Server and Administration Console
Introducing the SGD Web Server
Using the Administration Console
Supported Browsers for the Administration Console
Starting the Administration Console
Deploying the Administration Console on Other Web Application Containers
Avoiding SGD Datastore Update Problems
Performing Array Operations Using the Administration Console
Administration Console Configuration Settings
Searching and Displaying LDAP Data
Securing Access to the Administration Console
User Sessions and Application Sessions
Anonymous Users and Shared Users
Using Log Filters to Troubleshoot Problems With an SGD Server
Selecting a Component and Subcomponent
Using Log Filters for Auditing
Examples of Using Log Filters for Auditing
Using Log Filters to Troubleshoot Problems With Protocol Engines
Examples of Using PE Log Filters
Tomcat JSP Technology Container Logs
How to Import CA Certificates or Certificate Chains into the CA Certificate Truststore
How to Create a Client Certificate CSR for an SGD Server
How to Install a Client Certificate for an SGD Server
Backing Up and Restoring an SGD Installation
How to Make a Full Backup of an SGD Installation
Restoring a Damaged SGD Component
Binaries, Scripts, and Template Files
Troubleshooting Arrays and Load Balancing
Troubleshooting Array Resilience
Showing Status Information For an SGD Array
Enabling Array Resilience Logging
Troubleshooting Clock Synchronization Issues
Troubleshooting Advanced Load Management
The Load Balancing Service Is Not Working
SGD Ignores an Application Server Load Balancing Properties File
One of the Application Servers Is Never Picked
One of the Application Servers Is Always Picked
Two Identical Application Servers, But One Runs More Applications Than the Other
The SGD Server Log File Shows an Update Received for an Unknown ID
SGD Uses Too Much Network Bandwidth
Users Cannot Connect to an SGD Server When It Is In Firewall Traversal Mode
Users Cannot Relocate Their Sessions
B. Secure Global Desktop Server Settings
This section describes the files that are included in an SGD installation. Information on backing up and restoring your SGD installation is also included.
This section includes the following topics:
The standard installation directory for SGD is /opt/tarantella.
During SGD installation, you have the option of specifying a different installation directory.
You can find out your installation directory from the command line, as follows:
Solaris Operating System (Solaris OS) platforms. Use the command:
$ pkgparam `pkginfo 'tta.*' | cut -d' ' -f2` INSTDIR
Linux system platforms. Use the command:
$ rpm -qi tta | grep Relocations
The SGD installation directory contains the following subdirectories:
bin
etc
lib
var
webserver
The following sections describe the contents of each of these subdirectories, and what each subdirectory is used for.
See also Backing Up and Restoring an SGD Installation.
The bin directory contains the scripts, binaries, and server-side Java™ technology needed to run SGD.
The etc directory contains configuration files that control the behavior of SGD and applications displayed through SGD. It contains the subdirectories listed in the following table.
|
The lib directory contains shared libraries used by the SGD server and shared libraries that you might need when installing the SGD Client on certain platforms.
The var directory contains the files that are used by the web server and the files that the SGD server copies to other members of the array. The var directory contains many subdirectories, and the important ones are listed in the following table.
|
The webserver directory contains the scripts, binaries, and server-side Java technology needed to run the SGD web server, web services, and the webtop. The important subdirectories are listed in the following table.
|
This section describes how to back up an SGD installation, so that you can repair SGD in the event that a component or an entire installation becomes damaged.
Before using the procedures on this page, it is helpful if you are
familiar with the layout of the SGD installation. See About Your SGD Installation.
This section includes the following topics:
To be able to restore an SGD installation or to be able to repair some individual SGD components, you need a full backup.
While making the backup, do not run any command-line tools or use the Administration Console. It is also best if you shut down the SGD server while making the backup. However, if this is not possible, do it when the server is least loaded.
# tarantella archive
See About Your SGD Installation for details of the SGD installation directory.
SGD also uses the following configuration files, which only need to be backed up if you are using them and you have modified them:
The /etc/ttaprinter.conf file – This file contains the lpr defaults
The /etc/sdace.txt and /var/ace/data files – These files contain RSA SecurID settings
Web server password files – If you have created these files for use with the SGD web server, and they are stored outside the SGD installation directory
For the purposes of restoring a damaged installation, SGD can be divided up into the following components:
Binaries, scripts, and template files
Login scripts
Server configuration
Global configuration
The local repository
Automatic log archives
SGD printing
The SGD web server, web services, and the webtop
The following sections describe how to back up each of these components.
The binaries, scripts, and template files are only modified as part of an installation, patch, or custom engineering work. These files do not change very often.
You can restore these files from a backup or another installation, as follows:
The binaries are in the /opt/tarantella/bin/bin directory
The scripts are in the /opt/tarantella/bin/scripts directory
The template files are in the /opt/tarantella/etc/templates directory
The Login Scripts control the interaction between SGD and the application servers, for example, by logging a user in.
How you recover login scripts depends on whether or not you are using customized login scripts.
If you are not using customized login scripts, you can restore these files from another installation, a backup, or from the /opt/tarantella/etc/templates directory.
If you are using customized login scripts, you must only restore these files from a backup.
The login scripts are in the /opt/tarantella/var/serverresources/expect directory.
Server configuration covers all the properties for an SGD server that are not shared with the other SGD servers in the array, such as the server DNS name and server tuning.
As this configuration is unique to a particular SGD host, it must only be restored from a backup taken from that host.
The server-specific configuration is in the /opt/tarantella/var/serverconfig/local directory.
If you are using SGD security services, you must also restore the following:
/opt/tarantella/var/tsp
/opt/tarantella/var/info/certs
/opt/tarantella/var/info/key
Global configuration covers all the properties that are the same for all the SGD servers in the array, for example the names of the other array members.
To restore the global configuration for an SGD server, you must only restore from a backup of the primary SGD server.
The global configuration is in the /opt/tarantella/var/serverconfig/global directory.
The local repository, formerly called the Enterprise Naming Scheme (ENS) datastore, is shared across all SGD servers in the array. This is the organizational hierarchy that contains all the information about users, applications, and application servers. This information changes very often.
Restore the local repository from the backup of the primary SGD server.
The local repository is in the /opt/tarantella/var/ens directory.
By default, SGD archives its log files each week at 4 a.m. on Sunday, using a cron job.
If the root user’s crontab becomes corrupt, or the archiving does not take place, use the tarantella setup command to restore the default setting, or to change the time and day that the archiving takes place.
The log files are archived under the /opt/tarantella/var/log directory.
When you install SGD, it configures an SGD printer queue.
If the printer queue is not present, you can restore it using either of the following methods:
Use the SGD printer queue installation script, prtinstall.en.sh. See The SGD Printer Queue Installation Script.
Use the tarantella setup command.
The printer queue is in the /opt/tarantella/var/print directory.
The configuration of the SGD web server, SGD web services, and the webtop is unique to a particular SGD host and must only be restored from a backup taken from that host.
The configuration for the SGD web server is in the /opt/tarantella/webserver/apache/apache-version directory. You might also have web server password files, which can be stored in other locations.
The configuration for SGD web services is in the /opt/tarantella/webserver/tomcat/tomcat-version directory.
The files used for the webtop are in the /opt/tarantella/webserver/tomcat/tomcat-version/webapps/sgd directory.
If you are unable to restore a damaged SGD component or you are unsure about the extent of the damage to your system, you must do a full restore of your SGD installation.
To do a full restore, you must have a full backup. See
How to Make a Full Backup of an SGD Installation for details of how to back up an SGD installation.
Ensure that no users are logged in to the SGD server, and that there are no application sessions, including suspended application sessions, running on the SGD server.
# tarantella uninstall --purge
Note - If this fails, you might have to manually remove the SGD package. Use the rpm -e tta command on Linux platforms, and the pkgrm tta command on Solaris OS platforms.
# rm -rf /opt/tarantella
This installs the printer queue, rc scripts and package database.
# rm -rf /opt/tarantella
Note - Make sure you restore from the server’s backup. Also, check that the DNS name of the host has not changed.